我的书签
添加书签
移除书签Authentication and authorization
- About
- API reference
- API compatibility guidelines
- Editing kubelet log level verbosity and gathering logs
- Authorization APIs
- LocalSubjectAccessReview [authorization.openshift.io/v1]
- SelfSubjectRulesReview [authorization.openshift.io/v1]
- SubjectRulesReview [authorization.openshift.io/v1]
- TokenRequest [authentication.k8s.io/v1]
- TokenReview [authentication.k8s.io/v1]
- ResourceAccessReview [authorization.openshift.io/v1]
- LocalSubjectAccessReview [authorization.k8s.io/v1]
- About Authorization APIs
- LocalResourceAccessReview [authorization.openshift.io/v1]
- SelfSubjectRulesReview [authorization.k8s.io/v1]
- SubjectAccessReview [authorization.openshift.io/v1]
- SelfSubjectAccessReview [authorization.k8s.io/v1]
- SubjectAccessReview [authorization.k8s.io/v1]
- Autoscale APIs
- Common object reference
- Config APIs
- Build [config.openshift.io/v1]
- DNS [config.openshift.io/v1]
- About Config APIs
- HelmChartRepository [helm.openshift.io/v1beta1]
- ClusterOperator [config.openshift.io/v1]
- Authentication [config.openshift.io/v1]
- ClusterVersion [config.openshift.io/v1]
- OAuth [config.openshift.io/v1]
- Scheduler [config.openshift.io/v1]
- Network [config.openshift.io/v1]
- OperatorHub [config.openshift.io/v1]
- Infrastructure [config.openshift.io/v1]
- Node [config.openshift.io/v1]
- ProjectHelmChartRepository [helm.openshift.io/v1beta1]
- APIServer [config.openshift.io/v1]
- Image [config.openshift.io/v1]
- Proxy [config.openshift.io/v1]
- ImageContentPolicy [config.openshift.io/v1]
- Ingress [config.openshift.io/v1]
- Console [config.openshift.io/v1]
- Project [config.openshift.io/v1]
- FeatureGate [config.openshift.io/v1]
- Console APIs
- ConsolePlugin [console.openshift.io/v1]
- ConsoleExternalLogLink [console.openshift.io/v1]
- ConsoleLink [console.openshift.io/v1]
- About Console APIs
- ConsoleYAMLSample [console.openshift.io/v1]
- ConsoleQuickStart [console.openshift.io/v1]
- ConsoleCLIDownload [console.openshift.io/v1]
- ConsoleNotification [console.openshift.io/v1]
- Extension APIs
- Image APIs
- Image [image.openshift.io/v1]
- ImageStreamImport [image.openshift.io/v1]
- ImageSignature [image.openshift.io/v1]
- ImageStreamLayers [image.openshift.io/v1]
- ImageStreamTag [image.openshift.io/v1]
- About Image APIs
- ImageStreamImage [image.openshift.io/v1]
- ImageStream [image.openshift.io/v1]
- SecretList [image.openshift.io/v1]
- ImageTag [image.openshift.io/v1]
- ImageStreamMapping [image.openshift.io/v1]
- Machine APIs
- MachineSet [machine.openshift.io/v1beta1]
- KubeletConfig [machineconfiguration.openshift.io/v1]
- MachineConfig [machineconfiguration.openshift.io/v1]
- MachineHealthCheck [machine.openshift.io/v1beta1]
- MachineConfigPool [machineconfiguration.openshift.io/v1]
- ControlPlaneMachineSet [machine.openshift.io/v1]
- ContainerRuntimeConfig [machineconfiguration.openshift.io/v1]
- About Machine APIs
- Machine [machine.openshift.io/v1beta1]
- ControllerConfig [machineconfiguration.openshift.io/v1]
- Metadata APIs
- Monitoring APIs
- PrometheusRule [monitoring.coreos.com/v1]
- About Monitoring APIs
- ServiceMonitor [monitoring.coreos.com/v1]
- AlertmanagerConfig [monitoring.coreos.com/v1beta1]
- Probe [monitoring.coreos.com/v1]
- PodMonitor [monitoring.coreos.com/v1]
- Prometheus [monitoring.coreos.com/v1]
- ThanosRuler [monitoring.coreos.com/v1]
- Alertmanager [monitoring.coreos.com/v1]
- Network APIs
- EgressQoS [k8s.ovn.org/v1]
- EgressRouter [network.operator.openshift.io/v1]
- PodNetworkConnectivityCheck [controlplane.operator.openshift.io/v1alpha1]
- IPPool [whereabouts.cni.cncf.io/v1alpha1]
- NetworkAttachmentDefinition [k8s.cni.cncf.io/v1]
- IngressClass [networking.k8s.io/v1]
- Ingress [networking.k8s.io/v1]
- NetworkPolicy [networking.k8s.io/v1]
- Service [undefined/v1]
- EndpointSlice [discovery.k8s.io/v1]
- EgressIP [k8s.ovn.org/v1]
- Endpoints [undefined/v1]
- EgressFirewall [k8s.ovn.org/v1]
- About Network APIs
- CloudPrivateIPConfig [cloud.network.openshift.io/v1]
- Route [route.openshift.io/v1]
- OverlappingRangeIPReservation [whereabouts.cni.cncf.io/v1alpha1]
- Node APIs
- OAuth APIs
- Operator APIs
- ImagePruner [imageregistry.operator.openshift.io/v1]
- KubeScheduler [operator.openshift.io/v1]
- DNSRecord [ingress.operator.openshift.io/v1]
- Network [operator.openshift.io/v1]
- Config [samples.operator.openshift.io/v1]
- OperatorPKI [network.operator.openshift.io/v1]
- KubeStorageVersionMigrator [operator.openshift.io/v1]
- ImageContentSourcePolicy [operator.openshift.io/v1alpha1]
- Config [imageregistry.operator.openshift.io/v1]
- Console [operator.openshift.io/v1]
- CSISnapshotController [operator.openshift.io/v1]
- OpenShiftControllerManager [operator.openshift.io/v1]
- DNS [operator.openshift.io/v1]
- About Operator APIs
- KubeControllerManager [operator.openshift.io/v1]
- Authentication [operator.openshift.io/v1]
- ClusterCSIDriver [operator.openshift.io/v1]
- Storage [operator.openshift.io/v1]
- Config [operator.openshift.io/v1]
- KubeAPIServer [operator.openshift.io/v1]
- ServiceCA [operator.openshift.io/v1]
- CloudCredential [operator.openshift.io/v1]
- OpenShiftAPIServer [operator.openshift.io/v1]
- IngressController [operator.openshift.io/v1]
- InsightsOperator [operator.openshift.io/v1]
- Etcd [operator.openshift.io/v1]
- OperatorHub APIs
- OLMConfig [operators.coreos.com/v1]
- Operator [operators.coreos.com/v1]
- About OperatorHub APIs
- OperatorCondition [operators.coreos.com/v2]
- CatalogSource [operators.coreos.com/v1alpha1]
- PackageManifest [packages.operators.coreos.com/v1]
- Subscription [operators.coreos.com/v1alpha1]
- OperatorGroup [operators.coreos.com/v1]
- InstallPlan [operators.coreos.com/v1alpha1]
- ClusterServiceVersion [operators.coreos.com/v1alpha1]
- Policy APIs
- Project APIs
- Provisioning APIs
- RBAC APIs
- Role APIs
- Schedule and quota APIs
- About Schedule and quota APIs
- FlowSchema [flowcontrol.apiserver.k8s.io/v1beta1]
- LimitRange [undefined/v1]
- ResourceQuota [undefined/v1]
- ClusterResourceQuota [quota.openshift.io/v1]
- PriorityClass [scheduling.k8s.io/v1]
- AppliedClusterResourceQuota [quota.openshift.io/v1]
- PriorityLevelConfiguration [flowcontrol.apiserver.k8s.io/v1beta1]
- Security APIs
- PodSecurityPolicyReview [security.openshift.io/v1]
- CertificateSigningRequest [certificates.k8s.io/v1]
- PodSecurityPolicySubjectReview [security.openshift.io/v1]
- Secret [undefined/v1]
- ServiceAccount [undefined/v1]
- About Security APIs
- RangeAllocation [security.openshift.io/v1]
- CredentialsRequest [cloudcredential.openshift.io/v1]
- SecurityContextConstraints [security.openshift.io/v1]
- PodSecurityPolicySelfSubjectReview [security.openshift.io/v1]
- Storage APIs
- CSINode [storage.k8s.io/v1]
- CSIStorageCapacity [storage.k8s.io/v1]
- VolumeSnapshotContent [snapshot.storage.k8s.io/v1]
- VolumeSnapshotClass [snapshot.storage.k8s.io/v1]
- VolumeAttachment [storage.k8s.io/v1]
- PersistentVolumeClaim [undefined/v1]
- StorageState [migration.k8s.io/v1alpha1]
- About Storage APIs
- StorageVersionMigration [migration.k8s.io/v1alpha1]
- CSIDriver [storage.k8s.io/v1]
- StorageClass [storage.k8s.io/v1]
- VolumeSnapshot [snapshot.storage.k8s.io/v1]
- Template APIs
- User and group APIs
- Workloads APIs
- DeploymentConfig [apps.openshift.io/v1]
- ReplicationController [undefined/v1]
- StatefulSet [apps/v1]
- DeploymentConfigRollback [apps.openshift.io/v1]
- Job [batch/v1]
- Build [build.openshift.io/v1]
- CronJob [batch/v1]
- BuildLog [build.openshift.io/v1]
- ReplicaSet [apps/v1]
- BuildConfig [build.openshift.io/v1]
- DeploymentLog [apps.openshift.io/v1]
- Deployment [apps/v1]
- DaemonSet [apps/v1]
- DeploymentRequest [apps.openshift.io/v1]
- PersistentVolume [undefined/v1]
- BuildRequest [build.openshift.io/v1]
- Pod [undefined/v1]
- About Workloads APIs
- Understanding API tiers
- API list
- Architecture
- Authentication and authorization
- Configuring OAuth clients
- Managing user-owned OAuth access tokens
- Understanding and managing pod security admission
- Using bound service account tokens
- Understanding identity provider configuration
- Removing the kubeadmin user
- Impersonating the system:admin user
- Using RBAC to define and apply permissions
- Scoping tokens
- Managing security context constraints
- Syncing LDAP groups
- Understanding authentication
- Configuring the internal OAuth server
- Using a service account as an OAuth client
- Using service accounts in applications
- Managing cloud provider credentials
- Understanding and creating service accounts
- Authentication and authorization overview
- Configuring identity providers
- Configuring a GitLab identity provider
- Configuring a Keystone identity provider
- Configuring a GitHub or GitHub Enterprise identity provider
- Configuring a request header identity provider
- Configuring an LDAP identity provider
- Configuring a Google identity provider
- Configuring a basic authentication identity provider
- Configuring an htpasswd identity provider
- Configuring an OpenID Connect identity provider
- Backup and restore
- Restarting a cluster gracefully
- Application backup and restore
- Control plane backup and restore
- Shutting down a cluster gracefully
- Overview of backup and restore operations
- Building applications
- Building applications overview
- Editing applications
- Using config maps with applications
- Deleting applications
- Viewing application composition using the Topology view
- Using the Red Hat Marketplace
- Creating applications
- Deployments
- Projects
- Quotas
- Working with Helm charts
- Monitoring project and application metrics using the Developer perspective
- Idling applications
- Pruning objects to reclaim resources
- Monitoring application health
- Connecting applications to services
- Installing Service Binding Operator
- Understanding Service Binding Operator
- Getting started with service binding
- Exposing binding data from a service
- Service Binding Operator release notes
- Projecting binding data
- Getting started with service binding on IBM Power, IBM Z, and LinuxONE
- Binding workloads using Service Binding Operator
- Connecting an application to a service using the Developer perspective
- CI/CD
- CI/CD overview
- Builds
- Managing build output
- Custom image builds with Buildah
- Using build strategies
- Securing builds by strategy
- Setting up additional trusted certificate authorities for builds
- Performing and configuring basic builds
- Performing advanced builds
- Understanding build configurations
- Troubleshooting builds
- Creating build inputs
- Using Red Hat subscriptions in builds
- Build configuration resources
- Triggering and modifying builds
- Understanding image builds
- CLI tools
- Images
- Image configuration resources
- Using templates
- Using image streams with Kubernetes resources
- Configuring the Cluster Samples Operator
- Overview of images
- Managing image streams
- Using Ruby on Rails
- Creating images
- Using the Cluster Samples Operator with an alternate registry
- Triggering updates on image stream changes
- Managing images
- Using images
- Installing
- Troubleshooting installation issues
- Selecting an installation method and preparing a cluster
- Cluster capabilities
- Installation overview
- Validating an installation
- Disconnected installation mirroring
- Installation configuration
- Installing on Alibaba
- Installing on any platform
- Installing on AWS
- Configuring an AWS account
- Installing a cluster on AWS into a government region
- Installing a private cluster on AWS
- Preparing to install on AWS
- Installing a cluster on AWS with network customizations
- Installing a cluster on AWS with customizations
- Installing a cluster on AWS into a China region
- Installing a cluster on AWS in a restricted network with user-provisioned infrastructure
- Installing a cluster on AWS using CloudFormation templates
- Installing a cluster using AWS Local Zones
- Uninstalling a cluster on AWS
- Manually creating IAM
- Installing a cluster quickly on AWS
- Installing a cluster on AWS into a Secret or Top Secret Region
- Installing a cluster on AWS into an existing VPC
- Installing a cluster on AWS in a restricted network
- Installing on Azure
- Installing a private cluster on Azure
- Installing a cluster on Azure with customizations
- Installing a cluster on Azure into an existing VNet
- Enabling user-managed encryption on Azure
- Installing a cluster on Azure into a government region
- Uninstalling a cluster on Azure
- Configuring an Azure account
- Preparing to install on Azure
- Manually creating IAM
- Installing a cluster on Azure with network customizations
- Installing a cluster on Azure using ARM templates
- Installing a cluster quickly on Azure
- Installing on Azure Stack Hub
- Configuring an Azure Stack Hub account
- Preparing to install on Azure Stack Hub
- Uninstalling a cluster on Azure Stack Hub
- Installing a cluster on Azure Stack Hub using ARM templates
- Installing a cluster on Azure Stack Hub with an installer-provisioned infrastructure
- Installing a cluster on Azure Stack Hub with network customizations
- Installing on bare metal
- Installing on GCP
- Preparing to install on GCP
- Installing a cluster quickly on GCP
- Installing a cluster on GCP into an existing VPC
- Installing a private cluster on GCP
- Installing a cluster on GCP with customizations
- Installing a cluster on GCP into a shared VPC
- Installing a cluster on GCP in a restricted network with user-provisioned infrastructure
- Installing a cluster on GCP with network customizations
- Installing a cluster on GCP using Deployment Manager templates
- Installing a cluster on GCP in a restricted network
- Uninstalling a cluster on GCP
- Configuring a GCP project
- Installing a cluster into a shared VPC on GCP using Deployment Manager templates
- Manually creating IAM
- Installing on IBM Cloud VPC
- Configuring IAM for IBM Cloud VPC
- Installing a cluster on IBM Cloud VPC into an existing VPC
- Uninstalling a cluster on IBM Cloud VPC
- Installing a cluster on IBM Cloud VPC with customizations
- Preparing to install on IBM Cloud VPC
- Configuring an IBM Cloud account
- Installing a private cluster on IBM Cloud VPC
- Installing a cluster on IBM Cloud VPC with network customizations
- Installing on Nutanix
- Installing on OpenStack
- Installing a cluster on OpenStack in a restricted network
- Uninstalling a cluster on OpenStack from your own infrastructure
- Preparing to install on OpenStack
- Installing a cluster on OpenStack with customizations
- Preparing to install a cluster that uses SR-IOV or OVS-DPDK on OpenStack
- Uninstalling a cluster on OpenStack
- Installing a cluster on OpenStack with Kuryr on your own infrastructure
- Installing a cluster on OpenStack with Kuryr
- Installing a cluster on OpenStack on your own infrastructure
- OpenStack Cloud Controller Manager reference guide
- Installing on oVirt
- Installing on VMC
- Installing a cluster on VMC in a restricted network
- Preparing to install on VMC
- Installing a cluster on VMC with user-provisioned infrastructure and network customizations
- Installing a cluster on VMC in a restricted network with user-provisioned infrastructure
- Installing a cluster on VMC
- Installing a cluster on VMC with network customizations
- Uninstalling a cluster on VMC
- Installing a cluster on VMC with user-provisioned infrastructure
- Installing a cluster on VMC with customizations
- Installing on vSphere
- Installing a cluster on vSphere with user-provisioned infrastructure
- Installing a cluster on vSphere with network customizations
- Installing a cluster on vSphere
- Preparing to install on vSphere
- Installing a cluster on vSphere with user-provisioned infrastructure and network customizations
- Uninstalling a cluster on vSphere that uses installer-provisioned infrastructure
- Installing a cluster on vSphere in a restricted network
- Installing a cluster on vSphere with customizations
- Installing a cluster on vSphere in a restricted network with user-provisioned infrastructure
- Using the vSphere Problem Detector Operator
- Installing bare metal clusters on IBM Cloud
- Deploying installer-provisioned clusters on bare metal
- Logging
- Forwarding logs to third party systems
- Viewing cluster dashboards
- Collecting and storing Kubernetes events
- Viewing logs for a specific resource
- Viewing cluster logs in Kibana
- Enabling JSON logging
- Updating Logging
- Release notes
- Logging with the LokiStack
- Uninstalling Logging
- About Logging
- Exported fields
- Installing Logging
- Configuring your Logging deployment
- Configuring the log visualizer
- Using tolerations to control Logging pod placement
- About the Cluster Logging custom resource
- Configuring the log store
- Configuring CPU and memory limits for Logging components
- Maintenance and support
- Configuring the logging collector
- Moving the Logging resources with node selectors
- Configuring systemd-journald for Logging
- Configuring Logging storage
- Troubleshooting Logging
- Machine management
- Overview of machine management
- Modifying a compute machine set
- Managing machines with the Cluster API
- Creating infrastructure machine sets
- User-provisioned infrastructure
- Applying autoscaling to a cluster
- Deleting a machine
- Manually scaling a compute machine set
- Deploying machine health checks
- Creating compute machine sets
- Creating a compute machine set on vSphere
- Creating a compute machine set on GCP
- Creating a compute machine set on OpenStack
- Creating a compute machine set on Azure Stack Hub
- Creating a compute machine set on oVirt
- Creating a compute machine set on Nutanix
- Creating a compute machine set on Alibaba Cloud
- Creating a compute machine set on AWS
- Creating a compute machine set on Azure
- Creating a compute machine set on IBM Cloud
- Managing control plane machines
- Migrating from version 3 to 4
- Migration Toolkit for Containers
- Monitoring
- Monitoring overview
- Config map reference for the Cluster Monitoring Operator
- Monitoring bare-metal events
- Troubleshooting monitoring issues
- Configuring the monitoring stack
- Enabling alert routing for user-defined projects
- Managing metrics targets
- Querying metrics
- Enabling monitoring for user-defined projects
- Managing alerts
- Managing metrics
- Accessing third-party monitoring APIs
- Reviewing monitoring dashboards
- The NVIDIA GPU administration dashboard
- Networking
- Changing the cluster network MTU
- Verifying connectivity to an endpoint
- Configuring a custom PKI
- Accessing hosts
- Configuring the Ingress Controller for manual DNS management
- Understanding the DNS Operator
- Using SCTP
- Understanding the Ingress Operator
- About networking
- Configuring the cluster-wide proxy
- Understanding the Cluster Network Operator
- Understanding networking
- Configuring the node port service range
- Using PTP hardware
- Configuring the Ingress Controller endpoint publishing strategy
- Understanding the Ingress Node Firewall Operator
- Networking Operators overview
- Configuring IP failover
- Associating secondary interfaces metrics to network attachments
- Load balancing on OpenStack
- Configuring interface-level network sysctls
- AWS Load Balancer Operator
- Installing the AWS Load Balancer Operator on Secure Token Service cluster
- Installing the AWS Load Balancer Operator
- Serving Multiple Ingresses through a single AWS Load Balancer
- Understanding the AWS Load Balancer Operator
- Creating an instance of the AWS Load Balancer Controller
- Adding TLS termination on the AWS Load Balancer
- Configuring ingress cluster traffic
- Configuring ingress cluster traffic on AWS
- Configuring ingress cluster traffic using load balancer allowed source ranges
- Configuring ingress cluster traffic using a NodePort
- Configuring ingress cluster traffic using a service external IP
- Configuring ingress cluster traffic using an Ingress Controller
- Configuring ExternalIPs for services
- Configuring ingress cluster traffic using a load balancer
- Overview
- Configuring Routes
- External DNS Operator
- Creating DNS records on an public zone for Azure
- Creating DNS records on an public managed zone for GCP
- Understanding the External DNS Operator
- Installing the External DNS Operator
- Creating DNS records on a public DNS zone for Infoblox
- External DNS Operator configuration parameters
- Creating DNS records on an public hosted zone for AWS
- Hardware networks
- Tuning sysctl settings on an SR-IOV network
- Using DPDK and RDMA
- Switching Bluefield-2 from NIC to DPU mode
- Configuring hardware offloading
- Configuring an SR-IOV InfiniBand network attachment
- Using pod-level bonding for secondary networks
- Installing the SR-IOV Operator
- Configuring an SR-IOV network device
- Configuring the SR-IOV Operator
- Uninstalling the SR-IOV Operator
- About Single Root I/O Virtualization (SR-IOV) hardware networks
- Adding a pod to an SR-IOV network
- Using high performance multicast
- Configuring an SR-IOV Ethernet network attachment
- Kubernetes NMState
- Load balancing with MetalLB
- Configuring MetalLB address pools
- Configuring MetalLB BFD profiles
- MetalLB logging, troubleshooting, and support
- Advertising an IP address pool using the community alias
- Installing the MetalLB Operator
- Upgrading the MetalLB Operator
- Configuring services to use MetalLB
- Advertising the IP address pools
- Configuring MetalLB BGP peers
- About MetalLB and the MetalLB Operator
- Multiple networks
- Removing an additional network
- Configuring an additional network
- Configuring multi-network policy
- Understanding multiple networks
- Assigning a secondary network to a VRF
- Attaching a pod to an additional network
- Removing a pod from an additional network
- About virtual routing and forwarding
- Editing an additional network
- Network Observability
- Network policy
- OpenShift SDN network plugin
- Editing an egress firewall for a project
- Deploying an egress router pod in redirect mode
- Deploying an egress router pod in HTTP proxy mode
- Configuring multitenant isolation
- About the OpenShift SDN network plugin
- Configuring an egress firewall for a project
- Configuring kube-proxy
- Configuring an egress router pod destination list from a config map
- Considerations for the use of an egress router pod
- Removing an egress firewall from a project
- Configuring egress IPs for a project
- Disabling multicast for a project
- Deploying an egress router pod in DNS proxy mode
- Enabling multicast for a project
- Viewing an egress firewall for a project
- OVN-Kubernetes network plugin
- Viewing an egress firewall for a project
- Removing an egress firewall from a project
- Configuring IPsec encryption
- Considerations for the use of an egress router pod
- Deploying an egress router pod in redirect mode
- Logging for egress firewall and network policy rules
- Configuring an egress firewall for a project
- Converting to IPv4/IPv6 dual stack networking
- Enabling multicast for a project
- Migrating from the OpenShift SDN network plugin
- Rolling back to the OpenShift SDN network plugin
- Assigning an egress IP address
- Configuring hybrid networking
- Configuring an egress IP address
- About the OVN-Kubernetes network plugin
- Disabling multicast for a project
- Tracking network flows
- Editing an egress firewall for a project
- Nodes
- Overview of nodes
- Controlling pod placement onto nodes (scheduling)
- Placing pods onto overcommited nodes
- Placing pods on specific nodes using node selectors
- Evicting pods using the descheduler
- Controlling pod placement using pod topology spread constraints
- About pod placement using the scheduler
- Placing pods relative to other pods using pod affinity and anti-affinity rules
- Secondary scheduler
- Scheduling pods using a scheduler profile
- Controlling pod placement using node taints
- Controlling pod placement on nodes using node affinity rules
- Using Jobs and DaemonSets
- Working with clusters
- Configuring the Linux cgroup on your nodes
- Analyzing cluster resource levels
- Configuring cluster memory to meet container memory and risk requirements
- Enabling features using FeatureGates
- Improving cluster stability in high latency environments using worker latency profiles
- Setting limit ranges
- Viewing system event information in a cluster
- Configuring your cluster to place pods on overcommited nodes
- Working with containers
- Using volumes to persist container data
- Understanding containers
- Mapping volumes using projected volumes
- Executing remote commands in a container
- Copying files to or from a container
- Using port forwarding to access applications in a container
- Allowing containers to consume API objects
- Using sysctls in containers
- Using Init Containers to perform tasks before a pod is deployed
- Working with nodes
- Working with nodes
- Allocating resources for nodes
- Managing nodes
- Managing the maximum number of pods per node
- Using the Node Tuning Operator
- Freeing node resources using garbage collection
- Creating infrastructure nodes
- Understanding node rebooting
- Configuring the TLS security profile for the kubelet
- Allocating specific CPUs for nodes in a cluster
- Viewing and listing the nodes in your cluster
- Machine Config Daemon metrics
- Remediation, fencing, and maintenance
- Working with pods
- Configuring a cluster for pods
- Placing pods on specific nodes using node selectors
- Automatically scaling pods with the custom metrics autoscaler
- Using Device Manager to make devices available to nodes
- Creating and using config maps
- Including pod priority in pod scheduling decisions
- Automatically scaling pods with the horizontal pod autoscaler
- About pods
- Automatically adjust pod resource levels with the vertical pod autoscaler
- Viewing pods
- Providing sensitive data to pods
- Operators
- Cluster Operators reference
- Operators overview
- Administrator tasks
- Managing custom catalogs
- Managing platform Operators
- Using OLM on restricted networks
- Configuring OLM features
- Deleting Operators from a cluster
- Configuring proxy support
- Managing Operator conditions
- Updating installed Operators
- Adding Operators to a cluster
- Allowing non-cluster administrators to install Operators
- Viewing Operator status
- Developing Operators
- Object pruning utility
- Migrating to Operator SDK v0.1.0
- Installing the Operator SDK CLI
- Configuring leader election
- Migrating package manifest projects to bundle format
- Working with bundle images
- Defining cluster service versions (CSVs)
- Operator SDK CLI reference
- High-availability or single-node cluster detection and support
- Validating Operator bundles
- Configuring built-in monitoring with Prometheus
- Validating Operators using the scorecard
- Helm-based Operators
- Java-based Operators
- About the Operator SDK
- Go-based Operators
- Ansible-based Operators
- Understanding Operators
- User tasks
- Post-installation configuration
- Network configuration
- Bare metal configuration
- Enabling cluster capabilities
- Fedora CoreOS (FCOS) image layering
- Configuring additional devices in an IBM Z or LinuxONE environment
- Machine configuration tasks
- Configuring a private cluster
- Cluster tasks
- Node tasks
- Configuring alert notifications
- Configuring multi-architecture compute machines on an OpenShift cluster
- Preparing for users
- Storage configuration
- Converting a connected cluster to a disconnected cluster
- Registry
- Registry overview
- Image Registry Operator in OKD
- Accessing the registry
- Exposing the registry
- Setting up and configuring the registry
- Configuring the registry for OpenShift Data Foundation
- Configuring the registry for OpenStack
- Configuring the registry for OpenStack user-provisioned infrastructure
- Configuring the registry for vSphere
- Configuring the registry for bare metal
- Configuring the registry for GCP user-provisioned infrastructure
- Configuring the registry for AWS user-provisioned infrastructure
- Configuring the registry for Azure user-provisioned infrastructure
- Scalability and performance
- Using Topology Manager
- Using CPU Manager
- Recommended performance and scalability practices
- Optimizing networking
- Scheduling NUMA-aware workloads
- Scaling the Cluster Monitoring Operator
- Topology Aware Lifecycle Manager for cluster updates
- Improving cluster stability in high latency environments using worker latency profiles
- Planning your environment according to object maximums
- Low latency tuning
- Performing latency tests for platform verification
- Using the Node Tuning Operator
- Requesting CRI-O and Kubelet profiling data by using the Node Observability Operator
- Workload partitioning in single-node OpenShift
- Optimizing CPU usage
- Optimizing routing
- Creating a performance profile
- Optimizing storage
- What huge pages do and how they are consumed by apps
- Managing bare metal hosts
- Clusters at the network far edge
- Preparing the hub cluster for ZTP
- Updating GitOps ZTP
- Manually installing a single-node OpenShift cluster with ZTP
- Recommended single-node OpenShift cluster configuration for vDU application workloads
- Pre-caching images for single-node OpenShift deployments
- Updating managed clusters with the Topology Aware Lifecycle Manager
- Installing managed clusters with RHACM and SiteConfig resources
- Expanding single-node OpenShift clusters with GitOps ZTP
- Configuring managed clusters with policies and PolicyGenTemplate resources
- Challenges of the network far edge
- Advanced managed cluster configuration with SiteConfig resources
- Validating cluster tuning for vDU application workloads
- Advanced managed cluster configuration with PolicyGenTemplate resources
- Security and compliance
- Security and compliance overview
- Scanning pods for vulnerabilities
- Configuring seccomp profiles
- Configuring the audit log policy
- Configuring TLS security profiles
- Network-Bound Disk Encryption (NBDE)
- Viewing audit logs
- Allowing JavaScript-based access to the API server from additional hosts
- Encrypting etcd data
- Compliance Operator
- Performing advanced Compliance Operator tasks
- Understanding the Compliance Operator
- Managing the Compliance Operator
- Troubleshooting the Compliance Operator
- Using the oc-compliance plugin
- Compliance Operator release notes
- Uninstalling the Compliance Operator
- Managing Compliance Operator remediation
- Retrieving Compliance Operator raw results
- Understanding the Custom Resource Definitions
- Compliance Operator scans
- Supported compliance profiles
- Tailoring the Compliance Operator
- Installing the Compliance Operator
- Configuring certificates
- Container security
- Securing the build process
- Securing attached storage
- Securing networks
- Deploying containers
- Container image signatures
- Using container registries securely
- Understanding container security
- Securing the container platform
- Hardening Fedora CoreOS
- Understanding compliance
- Understanding host and VM security
- Monitoring cluster events and logs
- Securing container content
- File Integrity Operator
- Security Profiles Operator
- Managing SELinux profiles
- Advanced Security Profiles Operator tasks
- Security Profiles Operator release notes
- Enabling the Security Profiles Operator
- Understanding the Security Profiles Operator
- Security Profiles Operator overview
- Managing seccomp profiles
- Troubleshooting the Security Profiles Operator
- Uninstalling the Security Profiles Operator
- Certificate types and descriptions
- Service CA certificates
- Ingress certificates
- etcd certificates
- OLM certificates
- Aggregated API client certificates
- Node certificates
- Monitoring and cluster logging Operator component certificates
- Machine Config Operator certificates
- Bootstrap certificates
- User-provided certificates for default ingress
- Proxy certificates
- Control plane certificates
- User-provided certificates for the API server
- Specialized hardware and driver enablement
- Storage
- Understanding ephemeral storage
- Storage overview
- Generic ephemeral volumes
- Expanding persistent volumes
- Dynamic provisioning
- Understanding persistent storage
- Configuring persistent storage
- Persistent storage using NFS
- Persistent Storage using iSCSI
- Persistent storage using FlexVolume
- Persistent storage using AWS Elastic Block Store
- Persistent storage using Red Hat OpenShift Data Foundation
- Persistent storage using hostPath
- Persistent storage using Cinder
- Persistent storage using local volumes
- Persistent storage using VMware vSphere
- Persistent storage using Azure Disk
- Persistent storage using Fibre Channel
- Persistent storage using GCE Persistent Disk
- Persistent storage using Azure File
- Using Container Storage Interface (CSI)
- OpenStack Cinder CSI Driver Operator
- VMware vSphere CSI Driver Operator
- CSI automatic migration
- Shared Resource CSI Driver Operator
- IBM VPC Block CSI Driver Operator
- CSI volume cloning
- CSI inline ephemeral volumes
- Azure File CSI Driver Operator
- Red Hat Virtualization CSI Driver Operator
- Azure Stack Hub CSI Driver Operator
- OpenStack Manila CSI Driver Operator
- Configuring CSI volumes
- AWS Elastic File Service CSI Driver Operator
- GCP Filestore CSI Driver Operator
- AWS Elastic Block Store CSI Driver Operator
- CSI volume snapshots
- AliCloud Disk CSI Driver Operator
- Azure Disk CSI Driver Operator
- GCP PD CSI Driver Operator
- Support
- Managing your cluster resources
- Getting support
- Summarizing cluster specifications
- Gathering data about your cluster
- Support overview
- Remote health monitoring with connected clusters
- Showing data collected by remote health monitoring
- Importing simple content access certificates with Insights Operator
- Using remote health reporting in a restricted network
- Using Insights Operator
- About remote health monitoring
- Enabling remote health reporting
- Using Insights to identify issues with your cluster
- Opting out of remote health reporting
- Troubleshooting
- Verifying node health
- Diagnosing OpenShift CLI (oc) issues
- Troubleshooting storage issues
- Troubleshooting operating system issues
- Troubleshooting the Source-to-Image process
- Troubleshooting CRI-O container runtime issues
- Troubleshooting Operator issues
- Troubleshooting Windows container workload issues
- Investigating pod issues
- Troubleshooting network issues
- Troubleshooting installations
- Investigating monitoring issues
- Updating clusters
- Updating hardware on nodes running on vSphere
- Preparing to perform an EUS-to-EUS update
- Updating a cluster using the web console
- Preparing to update to OKD 4.12
- Performing update using canary rollout strategy
- Understanding OpenShift updates
- Updating clusters overview
- Updating a cluster using the CLI
- Understanding OpenShift update duration
- Understanding upgrade channels
- Virtualization
- About OKD Virtualization
- Getting started with OKD Virtualization
- Using the CLI tools
- Security policies
- Updating OKD Virtualization
- Backup and restore
- Installing
- Live migration
- Virtual machine live migration
- Configuring live migration policies
- Configuring virtual machine eviction strategy
- Cancelling the live migration of a virtual machine instance
- Live migration limits and timeouts
- Migrating a virtual machine over a dedicated additional network
- Migrating a virtual machine instance to another node
- Logging, events, and monitoring
- Monitoring live migration
- Prometheus queries for virtual resources
- Viewing cluster information
- Running OpenShift cluster checkups
- Viewing information about virtual machine workloads
- Exposing custom metrics for virtual machines
- OpenShift Virtualization runbooks
- Monitoring virtual machine health
- Virtualization Overview page
- OpenShift cluster monitoring, logging, and Telemetry
- Viewing OpenShift Virtualization logs
- Viewing events
- Reviewing resource usage by virtual machines
- Diagnosing data volumes using events and conditions
- Node maintenance
- Virtual machines
- Editing virtual machines
- Managing virtual machines with OpenShift Pipelines
- Viewing the QEMU guest agent information for virtual machines
- Installing the QEMU guest agent on virtual machines
- Exporting virtual machines
- Automating Windows installation with sysprep
- Controlling virtual machine states
- Accessing virtual machine consoles
- Installing VirtIO driver on a new Windows virtual machine
- Deleting virtual machines
- Using virtual Trusted Platform Module devices
- Installing VirtIO driver on an existing Windows virtual machine
- Managing config maps, secrets, and service accounts in virtual machines
- Managing virtual machine instances
- Editing boot order
- Creating virtual machines
- Triggering virtual machine failover by resolving a failed node
- Advanced virtual machine management
- Configuring mediated devices
- Configuring PXE booting for virtual machines
- Configuring a watchdog device
- Automatic importing and updating of pre-defined boot sources
- Enabling dedicated resources for a virtual machine
- Enabling descheduler evictions on virtual machines
- Configuring PCI passthrough
- Scheduling virtual machines
- Specifying nodes for virtual machines
- Configuring certificate rotation
- UEFI mode for virtual machines
- Using huge pages with virtual machines
- Working with resource quotas for virtual machines
- Configuring vGPU passthrough
- Cloning virtual machines
- Virtual machine disks
- Hot plugging virtual disks
- Expanding a virtual machine disk
- Creating data volumes
- Moving a local virtual machine disk to a different node
- Using container disks with virtual machines
- Using preallocation for data volumes
- Features for storage
- Managing virtual machine snapshots
- Cloning a data volume using smart-cloning
- Configuring CDI to work with namespaces that have a compute resource quota
- Configuring local storage for virtual machines
- Re-using statically provisioned persistent volumes
- Creating and using boot sources
- Uploading local disk images by using the virtctl tool
- Expanding virtual storage by adding blank disk images
- Preparing CDI scratch space
- Reserving PVC space for file system overhead
- Uploading local disk images by using the web console
- Managing data volume annotations
- Uploading a local disk image to a block storage data volume
- Deleting data volumes
- Importing virtual machines
- Virtual machine networking
- Connecting a virtual machine to a Linux bridge network
- Connecting a virtual machine to a service mesh
- Connecting a virtual machine to an SR-IOV network
- Viewing the IP address of NICs on a virtual machine
- Configuring a virtual machine for the default pod network with OKD Virtualization
- Using a MAC address pool for virtual machines
- Creating a service to expose a virtual machine
- Configuring IP addresses for virtual machines
- Virtual machine templates
- Web console
- What’s new?
- Windows Container Support for OpenShift
- Scheduling Windows container workloads
- Understanding Windows container workloads
- Enabling Windows container workloads
- Windows node upgrades
- Disabling Windows container workloads
- Red Hat OpenShift support for Windows Containers release notes
- Red Hat OpenShift support for Windows Containers overview
- Using Bring-Your-Own-Host Windows instances as nodes
- Removing Windows nodes
- Creating Windows MachineSet objects
暂无相关搜索结果!
本文档使用 全库网 构建
